Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
File:                     oUIVlcmI-yZTZeucofo_F_xXB28.mft (raw, json)
Hash identifier:          7Psz9WAuQK7A3Ug+yd5qxs01IEGkI9T4uK3bWEAfA5c=
Subject key identifier:   F9:FF:04:85:56:68:B9:A1:92:F0:D0:15:25:89:0B:25:EF:C9:B9:28
Authority key identifier: A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F
Certificate issuer:       /CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
Certificate serial:       019CAC4748BD50D28672FE0B304AF16AA892
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
Manifest number:          1844
Signing time:             Mon 02 Mar 2026 02:01:18 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:18 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:18 +0000
Files and hashes:         1: oUIVlcmI-yZTZeucofo_F_xXB28.crl (hash: lcHUmtBs2YzIaYs3ckGP1OLrTMpKJa1Q1T3DpLffHt0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:48:bd:50:d2:86:72:fe:0b:30:4a:f1:6a:a8:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
        Validity
            Not Before: Mar  2 02:01:18 2026 GMT
            Not After : Mar  3 02:01:18 2026 GMT
        Subject: CN=f9ff04855668b9a192f0d01525890b25efc9b928
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:9c:37:31:fb:29:28:cc:f2:d0:d0:2c:f3:22:
                    fd:e6:bf:48:77:4c:5b:7c:1b:0f:74:e9:2b:31:fb:
                    15:86:61:0d:f8:a7:d1:6f:58:1b:07:49:5a:a3:9a:
                    e6:34:90:98:e6:83:15:07:5d:a2:f6:16:34:69:d7:
                    14:7b:5e:a4:a6:86:75:c3:48:3a:a1:43:22:e1:3e:
                    c7:3f:b1:8a:80:a5:09:3a:c5:87:65:8e:5c:c2:53:
                    3c:32:1e:38:fc:3c:b4:57:f9:84:07:7f:f6:d2:cf:
                    55:41:ac:48:2b:2b:fa:61:dc:21:c2:b7:74:2b:fc:
                    a0:da:3a:01:f6:92:33:00:1b:07:34:36:74:22:2b:
                    16:7f:47:eb:3f:f8:72:9b:8b:3e:98:eb:50:4e:12:
                    78:bb:06:fc:07:81:63:91:0a:b1:6a:c8:4b:6e:fb:
                    b6:c1:15:af:6f:a0:e2:2d:9c:02:79:cb:7c:fd:27:
                    ca:d6:c5:11:f7:fa:fd:0a:b9:ff:a4:bf:23:d7:f6:
                    ec:e8:22:a2:eb:5e:81:44:8f:fd:b6:97:89:d3:7b:
                    12:9b:ef:6b:d7:4a:51:de:e8:87:9b:e6:69:9a:80:
                    7b:62:df:2e:80:4a:7c:c4:02:40:3c:6b:70:e6:9e:
                    92:8e:9f:0c:1a:cb:cb:38:94:cd:01:7d:06:6d:31:
                    a1:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:FF:04:85:56:68:B9:A1:92:F0:D0:15:25:89:0B:25:EF:C9:B9:28
            X509v3 Authority Key Identifier:
                keyid:A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:3b:a5:58:3b:ed:2e:c5:3c:81:60:bb:eb:65:a4:f2:61:80:
         14:d7:8b:d2:b5:c7:e1:d6:74:77:7a:54:bf:60:8e:71:4d:45:
         e5:90:60:2e:65:65:66:87:f7:aa:b4:6b:6f:6a:ac:1f:62:95:
         65:5a:6c:81:0e:05:b6:59:4f:78:43:79:96:2b:ed:f7:e9:09:
         10:15:a0:3d:26:1d:ec:2f:bb:2e:1c:f1:77:9f:b5:b7:48:8d:
         07:5b:43:a2:da:a3:54:29:4f:d8:47:51:19:45:37:e4:1e:39:
         16:4f:4c:51:eb:88:80:5e:f2:4e:2a:d4:6c:cf:9a:dc:b3:e2:
         00:40:82:d4:12:16:eb:54:0d:58:6d:56:8e:f2:2c:c7:29:e0:
         e5:cf:1d:e8:40:80:2d:8e:70:51:83:66:3a:d7:89:a7:4f:76:
         35:aa:84:3d:9d:36:ca:18:03:4e:b3:35:7c:db:26:6c:e8:7c:
         91:00:97:ed:62:9d:17:fd:e2:f7:45:a4:37:70:89:58:43:ec:
         7d:6b:ec:c3:61:e5:ee:07:db:f0:9f:c0:4f:f7:d1:70:7b:8e:
         8b:cd:b5:5a:79:4a:d9:75:b4:f8:df:11:d9:9c:1d:63:18:79:
         8a:94:70:3d:76:fa:e7:43:14:73:cd:92:0b:92:cb:f2:c0:fc:
         e5:31:09:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysR0i9UNKGcv4LMErxaqiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDIxNTk1Yzk4OGZiMjY1MzY1ZWI5Y2ExZmEzZjE3ZmM1
NzA3NmYwHhcNMjYwMzAyMDIwMTE4WhcNMjYwMzAzMDIwMTE4WjAzMTEwLwYDVQQD
EyhmOWZmMDQ4NTU2NjhiOWExOTJmMGQwMTUyNTg5MGIyNWVmYzliOTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJw3MfspKMzy0NAs8yL95r9Id0xb
fBsPdOkrMfsVhmEN+KfRb1gbB0lao5rmNJCY5oMVB12i9hY0adcUe16kpoZ1w0g6
oUMi4T7HP7GKgKUJOsWHZY5cwlM8Mh44/Dy0V/mEB3/20s9VQaxIKyv6Ydwhwrd0
K/yg2joB9pIzABsHNDZ0IisWf0frP/hym4s+mOtQThJ4uwb8B4FjkQqxashLbvu2
wRWvb6DiLZwCect8/SfK1sUR9/r9Crn/pL8j1/bs6CKi616BRI/9tpeJ03sSm+9r
10pR3uiHm+ZpmoB7Yt8ugEp8xAJAPGtw5p6Sjp8MGsvLOJTNAX0GbTGh5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPn/BIVWaLmhkvDQFSWJCyXvybkoMB8GA1UdIwQY
MBaAFKFCFZXJiPsmU2XrnKH6Pxf8VwdvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEt
YmFlZjRlYmY2OGRhLzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEtYmFlZjRlYmY2OGRh
LzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjzulWDvt
LsU8gWC762Wk8mGAFNeL0rXH4dZ0d3pUv2COcU1F5ZBgLmVlZof3qrRrb2qsH2KV
ZVpsgQ4FtllPeEN5livt9+kJEBWgPSYd7C+7Lhzxd5+1t0iNB1tDotqjVClP2EdR
GUU35B45Fk9MUeuIgF7yTirUbM+a3LPiAECC1BIW61QNWG1WjvIsxyng5c8d6ECA
LY5wUYNmOteJp092NaqEPZ02yhgDTrM1fNsmbOh8kQCX7WKdF/3i90WkN3CJWEPs
fWvsw2Hl7gfb8J/AT/fRcHuOi821WnlK2XW0+N8R2ZwdYxh5ipRwPXb650MUc82S
C5LL8sD85TEJ0Q==
-----END CERTIFICATE-----